2 matches found
Secunia Research: DeluxeBB SQL Injection and File Inclusion Vulnerabilities
====================================================================== Secunia Research 14/06/2006 - DeluxeBB SQL Injection and File Inclusion Vulnerabilities - ====================================================================== Table of Contents Affected...
CVE-2006-2915
DeluxeBB 1.06 has confirmed SQL injection vulnerabilities (CVE-2006-2915) via the register-time parameters hideemail, languagex, xthetimeoffset, and xthetimeformat. Secunia Research notes these inputs are not properly sanitised before being used in SQL queries, enabling remote manipulation of the...